So there is the new Data Protection Bill to put in place the rules under the General Data Protection Regulation, under EU law.
Well, there is a lot to this, so this is just a placeholder post really - to say there is a lot of shit going down, and with any luck I can post more about this in due course.
This, and the NIS directive, almost feel like exactly the sort of thing those Brexit voters were wanting to kill off!
Subscribe to: Post Comments (Atom)
So.Energy & Ombudsman
It has been hard work, but I finally have a sensible final bill from So.Energy. It was only Electricity that was the issue. The problem was ...
Broadband services are a wonderful innovation of our time, using multiple frequency bands (hence the name) to carry signals over wires (us...
It seems there is something of a standard test string for anti virus ( wikipedia has more on this). The idea is that systems that look fo...
For many years I used a small stand-alone air-conditioning unit in my study (the box room in the house) and I even had a hole in the wall fo...
We will have just as much stupidity once we have left the EU. The only difference is it will be us that created it. I'm sure the media will still blame the EU though.ReplyDelete
It is going to take 20 to 30 years to extract us from all EU stupidity so (rare for me to say it) the media may be right in some cases.Delete
I'm not sure why protecting peoples' personal data is "stupidity"? GDPR has lots of really nice protections, like the requirement for businesses to tell you when they have bought your data from another business, so you can keep track of who's got it.Delete
There is a lot to be said for close regulation of those that actually work on and trade and deal with personal data - people whose actual business is your data. However there is also a lot that gets dragged in to that where actually the processing is no more than normal business practice, like having the name and address of the person you bill, or the absolutely crazy idea that an IP address is somehow personal data even when it is not. For a business like us, which does not even do a bulk mail shot to existing customers, it is adding a heck of a lot of work and cost and risk of fines which should not be necessary. It is also hard to see that it will necessarily be effective where you want it to.Delete
The Telegraph did an article about GDRP the other day. most of the comments on it were Brexiters complaining either that (1) we shouldn't have to have these stupid EU laws (because protecting personal data is somehow bad?) or (2) we don't need the EU to get these laws because our own government could pass them themselves (yes, they could... but they haven't, so maybe that shows the EU's worth by the fact that they have forced the issue?).ReplyDelete
If you have the name and address for the person you bill, then that is `necessary for contract`. So you are probably fine.ReplyDelete
Probably fine, because the ICO has not published any guidance yet. Until the ICO publishes, then anybody talking about GDPR needs to be careful.